Posted
by
Soulskill
on Friday July 30, 2010 @03:39PM
from the do-androids-dream-of-electric-rights dept.

eldavojohn writes "According to AfterDawn, Google has given app makers the option to use a license server as DRM to ensure the user has paid for an app before they can download it. Reportedly, the Market app will communicate with a Google license server using RSA encryption. It is important to note this is only available for non-free apps (built with SDK 1.5 and later), and it was instituted to provide a better solution to the old and widely criticized copy protection scheme that was susceptible to Android app piracy (like sideloading). For better or for worse, Android's Marketplace appears to now have an optional, phone-home form of DRM."
Following news of the new licensing service, Hexage Ltd, makers of a popular Android game called Radiant, released the data they had collected on piracy of Radiant over a 10-month period beginning last October. A series of charts shows total users, paid users and the piracy rate, by region.

sure, they dropped phone with 2.1, but there is still the 3-axis accelerometer, 3-axis compass (huh?), 2mpix camera and GPS thats non-negotiable (with screen size and resolution being defined in groups, but with a "call us" for anything outside of that).

if they had dropped the phone focus properly, we would have had android powered devices that could go head to head with ipad by now. Instead we are left with some saber rattling and some chinese media players thats

It seems that Apple users enjoy purchasing and supporting their developers.

More like, they have no choice (for the most part -- piracy is significantly more difficult to engage in on the iPhone). This is the reason why so many developers like locked down, restrictive DRM and closed platforms -- because given the choice between free and even $0.99, free wins almost all of the time. When users essentially have no choice they actually pay for those apps that "they wouldn't have bought anyway".

I don't fault Google for adding this in. They are trying to build up Android and one part of doing that is by developing a strong development ecosystem around it. The problem is if there is huge piracy numbers it's hard to get money behind developing an app for Android. By giving some businesses a little more comfort, they can help to encourage adoption of the platform as a viable development platform for a business.

1. Much of the justification for paid apps when both free and paid are available, is to get rid of the ads and tracking in the free versions (admob, etc. at dev's option). Now, you'll be tracked by Google (again, at developer's option) even for paid apps.

2. There are 2 modes: strict and server managed. Strict mode will always verify license every time you start an app. This is useless when no network connection is available - e.g. on airplane, and gives maximum tracking to Google. Server managed can cache the server response and use the cached response when there's no network connection available. This has 2 problems: (1) from users' perspective: you'll have to pre-open such apps that you'd want to use on a plane before taking off (or going off-roading, camping, hiking, etc.) - for example, you don't usually play a certain game (but you will on a plane), so cached response could have expired - better remember to pre-open and re-cache everything before taking off! Users shouldn't have to deal with this crap. And (2) from developers' perspective: the cached response is stored "obfuscated" locally. The "obfuscation" is an encrypted file with a 20-byte salt. The salt is stored inside the application. This is not secure by design and once broken, useless.

There are better ways, none of which involve a lot of extra tracking by Google. For example, even in this licensing scheme, since the salt stays the same per apk, why not just validate the license at install time, and "cache" the encrypted license forever for that specific apk? Another option - why not encrypt the apk itself, decrypt when run or JIT compiled binaries only. In general, why not implement a generic encrypted storage container that could be used by users, developers, and the OS to securely store any information? This could even be encrypted via an optional user-settable password to an encryption key. This is not rocket science, it's been done everywhere else.

one will use a cached response from the last time the app was run if no connection to the Market is available

Which doesn't sound like the train wreck that you make it out to be:

from users' perspective: you'll have to pre-open such apps that you'd want to use on a plane before taking off (or going off-roading, camping, hiking, etc.) - for example, you don't usually play a certain game (but you will on a plane), so cached response could have expired - better remember to pre-open and re-cache everything before taking off! Users shouldn't have to deal with this crap.

It doesn't sound to me like the cached responses expire. Where did you get that information from?

why not just validate the license at install time, and "cache" the encrypted license forever for that specific apk

If there ever was a problem with the DRM then it could never be fixed unless users reinstalled their apps. This method is more secure. The cached response from last run seems like the best solution possible.

If they had cared, they would have created a global market accesible to the whole word (infrastructure is there, they just dont want to). 90% of the world isn't able to buy paid apps from the store, only free.

Requiring a phone to be online in order to run an app, especially if it otherwise has no need to communicate with the Internet, will hurt users of non-phone Android devices such as the Archos 5 Internet Tablet. I hope any developer that feels the need to do this will use the Steam-style "cached response from the last time the app was run if no connection to the Market is available", as the article puts it, rather than the Assassin's Creed 2-style "only allow[ing] the app to start if the server is available

<quote>Requiring a phone to be online in order to run an app, especially if it otherwise has no need to communicate with the Internet, will hurt users of non-phone Android devices such as the Archos 5 Internet Tablet. I hope any developer that feels the need to do this will use the Steam-style "cached response from the last time the app was run if no connection to the Market is available", as the article puts it, rather than the Assassin's Creed 2-style "only allow[ing] the app to start if the server

At the great risk to my karma, I guess I have to just pipe up and say that I don't see the problem here.

License-server based apps have been selling on various platforms for years. Decades. Android now supports this, adding a little attraction to developers to invest time and money making an application for use on Android. Given the lack of QA on a great many Android apps (can anyone offer an explanation how Facebook for Android is such pure garbage, all jokes about content aside?) I for one see this as a step in the right direction.

Android developers, you now have a piracy deterrent for your applications you would like monetary compensation for creating, and more importantly, maintaining. I fail to see how this is evil and how any of the wry 'do-no-evil-lol' quips are deserved.

That's really up to the developer. If I were to use such a service, I'd allow a certain number of executions without validation before validation was required again. For example, if the validation comes back, I save that date to my app database, maybe encrypt it, and run the same check each time it's run. If I don't get a reply for N days (or N runs) then disable the app. It would most likely be easily hacked (cause I'd have to store the value somewhere...) but it would most likely cut out the couch pir

Put cryptographic hardware in your CPU, and have it decrypt the binary inside the CPU at instruction cache miss time. The Capcom CPS-2 arcade board did something similar, coupling a crypto-processor and an MC68000 CPU.

Piracy is a big problem on Android in no small part due to the pathetically small number of supported payee countries in the world. China should be 100% piracy because you can't legitimately buy apps from China. Same with any other country not in this list: Australia
Austria
Canada
France
Germany
Italy
Japan

I don't see the problem, provided the app doesn't pop a license check every time it runs. Instead, it should cache the result against the phone's IMEI and some random obfuscation that would take some disassembly of the.apk to yank. When the app runs, if the IMEI is different, it automatically polls the license server and rebuilds the cached value. If it gets back that the user doesn't have that app purchased, it should either work in a demo mode, or point the user to the store to purchase it proper. If

I don't see the problem either - it is just DRM. That means in two weeks there will be a hacked market app on your favorite site that validates anything as legit.

The only way to keep people from running apps you don't want them to run is to not hand them the code to the apps - source, binary, or otherwise. Write a web-based app and nobody will use it without buying an account or whatever.

If you want your app to run offline, then it can be run without buying it - full stop.

Of course, people can do that or just go decompile the Java in the.apk files and strip out the API calls. Frequent updates by app makers will make that a slow job, especially if the developer has a Java obfuscation tool.

I just don't want any more incentive for phone makers to having eFuses, signed kernels, read-only filesystems that stay that way even as root, and other stuff that has to be tediously gotten around by experts in order to mod an Android phone. If piracy is dealt with by a mechanism other t

Well, I'd be happy if they just released open source drivers for the phones, and source to all the good parts of the phone (sure, they can keep the parts of the market that support paid software closed).

Then I could just flash my phone with my favorite android distro, and I could care less what Google does with theirs. There are all of about 14 programs I can buy for my desktop, so why should I care if I can't buy any software for my phone either?

Well it's not a problem per se, but every bit of DRM that's built into Android chips away at it's status as the "free" alternative to Apple's iOS. We can argue about whether or not that's fair, but it seems to be why people care about news like this.

(can anyone offer an explanation how Facebook for Android is such pure garbage, all jokes about content aside?)

Because the Facebook developers suck?

The iPhone Facebook app isn't much better. They finally got it stable, but that's after several versions and even then some people still have some crashing, and there are still plenty of missing features (I can filter the Newsfeed on the website to exclude those stupid facebook game posts people post every 5 seconds, but I can't seem to do the same on the phone

You can see in the charts something like 98% piracy in South America.This happens because... there's no way to buy applications if you're in South America. So, anyone with a paid application here *has* to pirate it.

Of course a publisher has the right not to sell his software. I just don't see that he is harmed if the people he chose not to sell it to pirate a copy. He hasn't lost anything. He still has his copy. He can't claim a lost sale since if the pirate hadn't pirated then there still wouldn't have been a sale.

Why is your right to acquire something more important than his right to control his creation?

While someone's right to their own creation is pretty well established (after all, that's the purpose of copyright), where does the idea that people should have to either sell you something or let you take it come from?

It seems like just because something isn't physical (has no marginal cost), people argue that a creator's rights don't apply.

While someone's right to their own creation is pretty well established (after all, that's the purpose of copyright), where does the idea that people should have to either sell you something or let you take it come from?

Uh, nobody is taking anything from anybody - they're making a copy. The creator still has their creation, and they are completely unharmed.

I'm fine with the purpose of copyright - encouraging the creation of content by giving the creator a limited monopoly on their creation so that they can monetize it and finance the creation. The problem is that in this case no monetization is happening, which means the law has failed to achieve its purpose.

A copyright law that only protected works that were available for sale would be JUST as effective at promoting science and the arts. Indeed, it would be more effective as it would remove the extinction of orphan works. Ditto for a law that limits copyright to some sane duration.

For some reason everybody acts like copyright exists to protect the rights of content creators. It doesn't exist for this purpose at all. It exists to benefit society by creating a demand for content creators in the first place. Content creators who don't share their content at all have no benefit to society at all. Now, that's fine if you want to paint masterpieces in your basement - nobody is forcing you to sell it. However, you aren't harmed at all if your masterpiece can be purchased at the local walmart if you weren't ever going to sell it yourself.

Who is being harmed in this case, and how? And I don't hurt feelings either - I'm talking about loss of some kind that can be measured in things you can see and touch.

"The creator still has their creation, and they are completely unharmed."

False. When you copy a song, artwork, program, game, or porno you are destroying the very thing which you want. That art has to be made by someone, and it cost money to live, by not paying for art you are depriving the artists of the means to make their art. The problem people have today is in a digital world the fraction they are stealing is so small it seems trivial, but it adds up just the same.

That art has to be made by someone, and it cost money to live, by not paying for art you are depriving the artists of the means to make their art.

You're not paying them either way - because they aren't accepting payment.

It doesn't matter if the creator is never selling their art, if you copy it, you are still hurting creators who are selling their art by displacing your need for that type of art from art that is for sale which would support someone, to art that isn't for sale that you stole.

It is a monopoly granted by the state because it is deemed to be for the public good by creating an incentive (see the US constitution) and to ensure that you can share profits others make on your work (one reason for the Statute of Queen Ann).

If neither of these apply (which it clearly does not in these circumstances) you have just subverted the reason it (copyright) exists in the first place.

Why is your right to acquire something more important than his right to control his creation?

Because neither are rights. 91degrees has no "right to acquire", and Hexage has no right to control their creation.

Copyright was introduce in order to encourage people to create and publish, knowing that, for a limited amount of time, they get to make money from that creation. As such, copyright is not a right (the way free speech is), it is a compromise between free commerce and creating incentive to create, and on

Why ? For greater good.
Let's be utilitarian on this one. What are the consequences of both options ? If you give priority to the right to acquire, you end up with widespread possession of something of value, with the possible drawback of making it more difficult to make a living out of providing this content (which is not proven IMHO and highly dubious)
If you give priority to control, you end up with the nightmarish tech market of incompatible DRM schemes, tracking of users, closed apps and obfuscated "s

What does a phrase from the US Constitution have to do with selling copyrighted software in South America?

For one thing, Google and many of these application publishers are in the United States. For another, the United States Trade Representative has been pushing "free trade agreements" with other countries, such as Australia and the countries of South America, that in essence require other parties in the treaty to implement copyright as the United States knows it.

In that case, a (distant) argument under a foreign counterpart to fair use law [copyright.gov] could be made. Please explain any substantial negative "effect of the use upon the potential market for or value of the copyrighted work" in a region where authentic copies are not available. Or what does the corresponding statute in Brazil and Argentina say?

What should somebody who tries to make something better do about nuisance lawsuits from incumbents who claim that something better infringes the incumbent's exclusive rights? For example, Tetris v. Biosocia or Konami v. Roxor games or Bright Tunes Music v. Harrisongs Music. For example, pretend it comes to my attention that I have accidentally used part of someone else's song in my own. What's my next step?

But by freely pirating unavailable works you make it difficult for the publisher to find it profitable to eventually bring his product there, creating a sort of death spiral for legitimate works. I'm not suggesting that society has an obligation to help him make money, but if we've agreed that domestically that's an ingredient that helps promote the creation of works, then surely that holds internationally too? Even if there's a delay in the release cycle (not something I'm happy about either)?

Unless something has changed, for example, it is completely legal to intercept DirecTV service in Canada (I know it used to be at least). Why? Simple - DirecTV refused to sell service to Canadians (licensing issues and all that), so Canada just said, well, we won't regard cloning of access cards/etc as theft of service. As a result you can sell cloned smartcards or whatever in your local walmart if you want.

I believe that this doesn't actually require the app to need the Internet permission. I believe it just requests the pay information from the Market app and the Market app uses the Internet, so you'd have to use droidwall to block market's internet access.

Yes. Like it or not cycles are so cheap that now everybody is starting to carry around little general computing devices. The unfortunate side effect of this is that people will attempt to compromise them.

... now I see why we have always been at war with Oceania - they are apparently stealing all our apps.

It's pretty amazing the North America piracy figure is so much lower. I wonder if that's the result of a far larger user base in NA? Or are Europeans (where I thought the figure would be similar) just have a more pirate-prone culture?

It would also be interesting to see beyond this static view, how many users they saw going from pirated to paid. That I think is the key figure to understand if piracy is a

It is obvious that the piracy level is higher in regions where it is impossible to buy paid apps. For the sake of the application customers, application publishers and the Android ecosystem, please do something about it google. The ratio between paid versus free apps in the Android Market is extremely tilted towards free apps for this very reason.
As long as there are countries where it is impossible to buy paid apps for Android there will be people who will pirate and crack the applications.

There were (at least) two fundamental flaws with the original Android Market protection scheme, neither of which appears to have been rectified by this change (besides possibly to make matters worse for end users):

* As everyone has already noted, lots of people around the world with Android phones can't actually buy apps from Android Market, EVEN IF they have a Mastercard/Visa/AMEX card with dollar-denominated account. That's just plain fucked.

* You can't officially purchase and run protected Market apps if your phone is running an unblessed "Developer" kernel. Of course, there's not a single goddamn phone from HTC, Samsung, or Motorola with Google-blessed kernel that has BlueZ Bluetooth HID profile compiled into it, so it's impossible to build your own kernel with it enabled without being formally exiled from 99% of commercial Android apps. At least, unless you crack them. Any DRM scheme that forces legitimate users to crack apps they purchased in order to use them is fundamentally broken, especially when there are still gaping holes in Android phones that need a customer kernel to fix.

As for "developer's option" whether or not to cache, let's be honest... at least half the developers publishing commercial apps don't have the slightest clue in HELL how to implement a secure caching scheme, and they aren't going to purchase a proprietary one that demands more money up front than they're likely to earn from the app's sale. So, anybody care to guess what's going to happen? Most apps in Market are going to end up checking the server every goddamn time, because the alternatives are too hard/expensive for most Android publishers to deal with. IMHO, Google got THAT part EGREGIOUSLY wrong. They should have distributed the Android DRM module themselves, and made it free & easy for publishers to do cached checking, but left it difficult and minimally-documented how to bypass that caching and check the server every time.

I love Android. I really do. But it's so incredibly frustrating when Google turns around and fucks things up in ways that CAN'T be fixed by end users with access to Android's sourcecode... usually, mistakes that are almost incomprehensible given the amount of in-house talent and expertise Google has available to it. At times, Google actually manages to make even *Microsoft* look coherent and customer-focused.

As for "developer's option" whether or not to cache, let's be honest... at least half the developers publishing commercial apps don't have the slightest clue in HELL how to implement a secure caching scheme, and they aren't going to purchase a proprietary one that demands more money up front than they're likely to earn from the app's sale. So, anybody care to guess what's going to happen? Most apps in Market are going to end up checking the server every goddamn time, because the alternatives are too hard/expensive for most Android publishers to deal with.

First of all, the devs don't have to implement very much else than an API call ("LicenseChecker.checkAccess()") and supplying code for the two callbacks "allow()" and "dontAllow()". See http://developer.android.com/guide/publishing/licensing.html [android.com] (yeah, they call it a "licensing service" rather than DRM, no real surprise).

Second, it's very easy for devs to choose the best (from our point of view) option: you use an instance of either "ServerManagedPolicy" (uses cache fallback) or "StrictPolicy" (insists on

It requires an internet connection in order to launch. I can't play this game when I'm on an airplane, because of this bullshit. I'm only interested in playing this game in situations where I'm bored and have no internet access, so this really pisses me off. I look forward to the day I can crack it and because Namco chose to use such an obtrusive DRM, I will NO longer buy their games.

The only thing DRM is good for is using the white paper to wipe my ass.
Nothing has EVER been made better by DRM, nor has the public ever been given much of a chance against it.
This is reason enough to tell Android to join the club of unused junk in my closet. Sucks because I really like the (idea of an) open environment. Too bad it isn't really open to anyone but google and the phone companies they have gone to bed with.
Remember, the choices you make today may be small, but they may lead to huge mistakes

There is a need for more than one application market, book market, movie market... Who cares if a $1.99 cell phone game or a $4.95 e-book are DRMed? If you expect any of these to be a masterpiece to share with your grandchildren, you value them way more than their author apparently does. Conversely, a durable hardcover book or an application that handles your important data and guarantees it to be available decades later is worth a lot more. It may make some time, but consumer application developers will st

The potential evil is one of deceit, it's in colluding with someone who claims to be 'selling' an application, which in reality is programmed to disobey the person deceived into thinking they own it if it can't find this DRM server.

Using DRM, by itself, is not an issue. It's this refusal to be clear that, by doing so, you've changed 'selling' into a strange form of rental (with incompletely specified conditions) which is the evil bit. If you participate in an activity which looks like selling, but doesn't actually give the 'buyer' the freedoms they get when they buy a useful object normally, that looks like complicity in fraud to me.

It isn't deceit if the consumer can't be bothered to read the Terms & Conditions properly.

Don't get me wrong, I'm totally anti-DRM and if developers want to use it then they won't have me as a customer, it's that simple. But for every DRM-ed app or game out there, there are free alternatives, so it doesn't bother me.

And if an app or game uses DRM then it will be there in the Terms & Conditions somewhere - or just wait & week after it's release & check reviews or comments because it will be t

As an android user and purchaser of apps I would hope they would mark DRMed apps in some way. I do not want to buy them, I do not care if they work I have a moral objection to the them period.

This is probably another one of those cases where I will be forced to buy less as the work of finding out what I would buy is more than the alternative of just going without or doing something else with my time.

If/When developers opt to use this DRM server, will they be branded as Evil as in Apple?

Yes. In no uncertain terms. I have no problem whatsoever paying for good software, but I do have a problem paying for software whose execute permissions can be remotely revoked. And, if I do find that I've bought an app from the Market that did not disclose its use of said DRM, it will be uninstalled moments later. So far as DRM is concerned, odds are that it will be performed competently (from a technical perspective) by Google. That doesn't make it right, or desirable from the user's perspective. Persona

Netflix Watch InstantlyDRM and legal constraints enforced by Netflix. You know, silverlight? You can also thank MS for that one.Adobe Photoshop, including those high-end features that distinguish it from GIMP mods such as GIMPshopAdobe Flash CS3Adobe products have equivalents on open source but not necessarily free software - I'd consider gimp equivalent for development, mostly. Don't sit and try to tell me professionals prefer photoshop over

Do FOSS developers want one?Because if not that pretty much explains it. If you want one I suggest you pay for one to be created. Get this into your little brain, FREE software developers do not owe you anything.

Unless it's DRM on the bootloader of the hardware on which the FOSS equivalent is supposed to run. For example, see Nintendo's successful lawsuit against a UK retailer of cards designed in part for running FOSS and other freeware on a DS.

Or unless it's DRM on the media that a FOSS media player is supposed to play. For example, see the DVD CSS cases.

I think you're full of shit. I have paid for and will continue to spend my software dollars on FREE software as much as possible. Sure some kids want everything for free, they also pirate games, who cares.

Free software types are not opposed to for-pay software, at all. The two concepts are not related.

This distinction was somewhat valid when one had to order software on tapes and disks.
But in an era when the cost of distribution is just about zero, it's very difficult to charge for copyleft software.

What are the options to earn income from software that's entirely copyleft?

Panhandling: But most won't pay if the only new thing they're getting is a warm feeling. It turns programmers into beggars and servants [wsj.com].

Selling support: But many users don't need it, or can't afford it, and they need it less t

Sell binaries offer only sources as no cost. That will compel most to pay.

I think you're suggesting that most users aren't sufficiently savvy or time-rich to build it themselves, so will pay.

However I think that most end-users will easily discover the many no-charge builds that people will make available if the software's licence permits it, as would be the case for software under any FOSS license. And what about interpreted software where the source is the binary.

That's why I think a different open-source licence is required that gives people free-reign to distribute binari

That's why I think a different open-source licence is required that gives people free-reign to distribute binaries and/or source of both original and modified versions of the software, as long as they pay the original author any licence fee that the author has designated, which will require re-distributors to charge their customers at least this amount.

That's a different open-source license the way a camel is a different horse.

That's a different open-source license the way a camel is a different horse.

It depends what freedom users care most about — the freedom to tinker, or a freedom from paying — and what user freedoms don't substantially reduce the incentive for developers to develop solutions to a particular problem.

Except that this is not about proprietary software, it's about DRM. DRM lets a bastard take up a piece of otherwise free software and lock it up.

And the most important thing, for DRM to work at all, you must be unable to modify the operating system itself. This is the main problem here. I don't give a damn about your little closed source app, as long as it doesn't make it impossible for me to mess with the system.

Also, a lot of people disagree with paying for apps as that goes against the purpose and concept of free software (and associated benefits/gains).

I can't believe people still confuse free as in beer and free as in freedom, despite how many times people point out the difference on here.

Free software types are not opposed to for-pay software, at all. The two concepts are not related.

Well the term "Free as in beer, and Free as in Freedom" is pretty confusing.

Beer isn't free. No where you can go to get free beer, because it cost money to make, to grow the items, etc.Freedom is an idea. ideas don't mean the same to everyone. ideas aren't tangible.

And honestly, the freedom isn't free either, it's going to cost lives, time, money, and pissing off others trying to spread your "freedom".(um, edit here. Actually, Freedom is free, as in, you can imagine it, think about it. But if you act

"Also, a lot of people disagree with paying for apps as that goes against the purpose and concept of free software (and associated benefits/gains)."

No you are wrong. You are super wrong. You are full of it.If you are talking about GNU/FSF/RMS meaning of the free software.

It goes against the purpose and concept of free software to us free software.As betterunixthanunix points out GNU has no problem with charging for software at all.

So yes you can pay for free software all you want. To follow the purpose and concept of free software you would disagree with and refrain from using any software that you where not free to distribute and that did not give you the source or at least an offer of the source!

Not liking DRM is also okay.But just taking the software is just being a rotten cheapskate that refuses to pay the developer what the developer thinks his product is worth. And you are violating his rights to license his software how he sees fit.In other words your being a jerk when you pirate some $ 1.99 game for you cell phone and being anti free software at the same time.

In reality, costs go down significantly over time for ongoing software development...

I dunno if you were being serious or not, but I would like to point out something: DRM creates on-going costs for software. EA, for example, will continue paying lots of people money to handle the servers and the customer service needed for their Spore customers to play their game for as long as they decide to support it. That means that for every product they sell, as they years go by, the actual profit they made from that sale will continue to decline.

They will just discontinue support for the game rather soon. For a good example look at halo on the xbox, no more online multiplayer. Yet, many PC games from that era still have active multiplayer communities.

EA will not let you play spore forever, eventually they will say it is EOL and you can forget about playing it anymore.

Sure. But they've still spent a lot more than they would have on supporting the game during its run. It doesn't matter how short of period they use, they're still eating into their own profits when they use a system like this.

So, a couple of Chinese companies with obscure products have not released their sources and that makes Android as a whole "closed?" Android is open source [android.com] last time I checked. As in you can get the source, change it, compile it, get it to work with your own hardware, and redistribute it. In fact, those obscure companies and products are a testament to that.

The fact that some are trying to lock down their bootloaders, not disclose drivers, or trying to lock down root access, etc. does not make the underlying

For those that never wanted to pay for apps that the developers wanted to _sell_.

DRM isn't a requirement here. If two apps exist in an equally functional form and one has DRM while the other doesn't, I know what one I'm picking. If I don't like the DRM, I have a choice to not get DRM'd apps.

It's still consumer choice at this point. Google is just offering a way for developers to DRM their apps if they so choose to do so. If it ends up not being popular, the developers can choose to remove the DRM.

Even if you don't keep backups, iTunes keeps a permanent history of your purchases and will let you download any App* you already paid for free if you try to buy it again, on any device tied to the account.